﻿using System;
using System.Collections;
using System.Web.Mvc;
using System.Web.Security;
using AgileBoard.Domain;
using AgileBoard.Dtos;

namespace AgileBoard.Web.Controllers
{
    public class LoginController : BaseController
    {
        // This constructor is used by the MVC framework to instantiate the controller using
        // the default forms authentication and membership providers.
        public LoginController()
            : this(null, null)
        {
        }


        // This constructor is not used by the MVC framework but is instead provided for ease
        // of unit testing this type. See the comments at the end of this file for more
        // information.
        public LoginController(IFormsAuthentication formsAuth, IMembershipService service)
        {
            FormsAuth = formsAuth ?? new FormsAuthenticationService();
            MembershipService = service ?? new AccountMembershipService();
        }

        public ActionResult Index()
        {
            return View();
        }

        [AcceptVerbs(HttpVerbs.Post)]
        public ActionResult Authenticate(Guid project, Guid? name, string password)
        {
            var rdto = new ResultDTO();
            User currentUser = null;

            try
            {
                IList users = ManagerFactory.UserManager.GetByProject(project);

                if (users.Count == 1 && String.IsNullOrEmpty(((User) users[0]).Password))
                    currentUser = users[0] as User;
                else if (users.Count == 1 && password != null && EncryptPassword(password) == ((User) users[0]).Password)
                    currentUser = users[0] as User;
                else if (name != null)
                {
                    foreach (User user in users)
                    {
                        if (name == user.UserID && EncryptPassword(password) == user.Password)
                        {
                            currentUser = user;
                            break;
                        }
                    }
                }

                if (currentUser != null)
                {
                    SetAuthenticationCookie(currentUser.UserID.ToString());
                    rdto.Message = "success";
                    rdto.Result = true;
                }
                else
                {
                    rdto.Message = "Authentication failed";
                    rdto.Result = false;
                }
            }
            catch (Exception e)
            {
                rdto.Message = e.Message;
                rdto.Result = false;
            }

            return Json(rdto);
        }

        [AcceptVerbs(HttpVerbs.Post)]
        public ActionResult Logout()
        {
            RemoveAuthenticationCookie();
            return RedirectToAction("About", "Home");
        }

        [NonAction]
        public virtual string EncryptPassword(string password)
        {
            return FormsAuthentication.HashPasswordForStoringInConfigFile(password, "SHA1");
        }
    }
}